Redirecting to original paper in 30 seconds...

Click below to go immediately or wait for automatic redirect

arxiv_ai 95% Match Research Paper AI Safety Researchers,LLM Developers,AI Ethics Teams,Product Managers 1 week ago

SAGE: A Generic Framework for LLM Safety Evaluation

ai-safety › alignment
📄 Abstract

Abstract: As Large Language Models are rapidly deployed across diverse applications from healthcare to financial advice, safety evaluation struggles to keep pace. Current benchmarks focus on single-turn interactions with generic policies, failing to capture the conversational dynamics of real-world usage and the application-specific harms that emerge in context. Such potential oversights can lead to harms that go unnoticed in standard safety benchmarks and other current evaluation methodologies. To address these needs for robust AI safety evaluation, we introduce SAGE (Safety AI Generic Evaluation), an automated modular framework designed for customized and dynamic harm evaluations. SAGE employs prompted adversarial agents with diverse personalities based on the Big Five model, enabling system-aware multi-turn conversations that adapt to target applications and harm policies. We evaluate seven state-of-the-art LLMs across three applications and harm policies. Multi-turn experiments show that harm increases with conversation length, model behavior varies significantly when exposed to different user personalities and scenarios, and some models minimize harm via high refusal rates that reduce usefulness. We also demonstrate policy sensitivity within a harm category where tightening a child-focused sexual policy substantially increases measured defects across applications. These results motivate adaptive, policy-aware, and context-specific testing for safer real-world deployment.
Authors (4)
Madhur Jindal
Hari Shrawgi
Parag Agrawal
Sandipan Dandapat
Submitted
April 28, 2025
arXiv Category
cs.CR
arXiv PDF

Key Contributions

SAGE is a novel, automated, and modular framework for LLM safety evaluation that addresses the limitations of current benchmarks. It employs prompted adversarial agents with diverse personalities to conduct system-aware, multi-turn conversations, enabling customized and dynamic harm evaluations across various applications.

Business Value

Provides organizations with a more rigorous and adaptable method to ensure the safety and reliability of LLM deployments, mitigating risks and building user trust.

Paper Metadata

Innovation Type

Framework Development

Deployment Feasibility

High for research and development teams. Requires expertise in prompt engineering and setting up evaluation pipelines.

Limitations Addressed

Single-turn evaluation limitations,Generic policies in benchmarks,Failure to capture real-world conversational dynamics,Missed application-specific harms

Performance Gains

More comprehensive and realistic safety evaluation,Identification of harms missed by standard benchmarks

Technical Tags

Large Language Models (LLMs)AI safety evaluationharm evaluationmulti-turn conversationsadversarial agentspromptingBig Five personality modelsystem-aware evaluationcustomized evaluationSAGE framework

Research Topics

AI SafetyLLM AlignmentModel EvaluationAdversarial TestingResponsible AI

Methods & Architectures

SAGE (Safety AI Generic Evaluation) frameworkPrompted adversarial agentsMulti-turn conversational evaluationBig Five personality model for agent diversity Large Language Models (LLMs)

Applications & Tasks

AI Safety LLM Deployment Natural Language Processing Inadequacy of current LLM safety benchmarksFailure to capture conversational dynamicsOversights in application-specific harmsStatic evaluation methodologies Robust AI safety evaluationDynamic and customized harm evaluationsAssessing LLM behavior in multi-turn interactions

Datasets & Benchmarks

Benchmarks
Evaluation of seven state-of-the-art LLMs across three applications and harm policies.
Harm detectionConversational dynamicsApplication-specific safety metrics

Related Fields

AI SafetyLarge Language ModelsNatural Language ProcessingMachine LearningAI Ethics

Keywords

AI safetyLLM evaluationalignmentharmmulti-turn conversationadversarial testingpromptingresponsible AIframeworkrobustness

Academic Context

#AI Safety#LLM Alignment#Model Evaluation#Adversarial Testing#Responsible AI

Technology Stack

Frameworks & Libraries
SAGE

Commercial Potential

Potential Products
LLM safety testing platformsAutomated red-teaming servicesCustomizable AI safety evaluation tools
Target Industries
TechnologyAI DevelopmentHealthcareFinanceCustomer Service
Use Case Examples
Testing an LLM chatbot for a healthcare application to ensure it doesn't provide harmful medical advice.Evaluating a financial advice LLM for potential biases or manipulative language.Assessing the safety of an LLM used in customer support interactions.
Competitive Edge
Offers a more dynamic, conversational, and application-aware approach to LLM safety evaluation compared to static, single-turn benchmarks.
Market Opportunity
Rapidly growing market for AI safety and responsible AI tools.
Revenue Models
Licensing of the SAGE frameworkconsulting services for AI safety auditsplatform-as-a-service for LLM evaluation.

Resource Requirements

Compute Needs
Moderate to High, depending on the scale of evaluation and the number of LLMs and agents tested.
Data Requirements
Requires defining target applications, harm policies, and configuring adversarial agent prompts.
Deployment Constraints
Requires careful design of adversarial agents and harm policies to be effective and ethical. Interpretation of results requires domain expertise.
Scalability
The modular framework is designed for scalability, allowing for the addition of new agents, applications, and harm policies.
Regulatory Considerations
Ethical considerations in adversarial testingdata privacy if real user data is involved in defining applications.

Production Readiness

Maturity Level

Research

Time to Market

1-2 years for adoption by AI safety teams and integration into MLOps pipelines.

Patent Potential

Low, as it's a framework, but specific agent interaction strategies or evaluation metrics could be patentable.

View Full Paper Back to Papers